From compliance to competitive edge: How NIS2 is redefining OT security for Europe’s industrial leaders


The cost of operational technology (OT) cybersecurity is rising sharply. In a worst-case modeled scenario, OT cyber incidents could cost as much as US $329.5 billion globally, with Europe among the most exposed regions. Recently, a cyber incident affected Jaguar Land Rover, forcing the shutdown of its production and retail operations. This left plants idle and vehicles unregistered during one of the industry’s busiest weeks. Unfortunately, the threat is not limited to manufacturing. Major European airports (including Brussels and London) were also hit by a ransomware attack, disrupting automated check-in and boarding systems. Airlines and airports were forced to fall back on manual processes and cancel or delay dozens of flights. This is a clear and present challenge for every industrial operator.

It’s why Europe is tightening its regulatory framework with NIS2, pushing cybersecurity out of the IT silo and into the boardroom as a matter of resilience and competitiveness. Cyber threats are clearly escalating: for instance, in Q2 2025, global cyberattacks rose around 21% versus the same period last year, and Europe showed the highest region-level increase.

NIS2 is more than a compliance mandate; it’s a turning point in how Europe’s industrial leaders, and global organizations with European connections, approach OT security. While the directive is of European origin, its impact extends worldwide, as multinational enterprises adopt NIS2-aligned practices to enhance their overall cybersecurity posture. Compliance is not the finish line, but the outcome of a resilient and well-governed security framework. By extending accountability to the boardroom and demanding visibility across supply chains, the directive reframes cybersecurity as a matter of operational resilience. For industrial manufacturers, the opportunity lies in moving from ad hoc protection to systematic, real-time governance.

Historically, the operations systems that ran factories, power grids, and water treatment plants were managed separately from IT, often without unified oversight. NIS2 changes that dynamic by formally expanding responsibility to the executive suite and introducing clear accountability. A breach is no longer a technical failure; it is a governance issue with operational consequences. Cybersecurity, once treated as a cost center, is now a strategic priority.

One of the most important shifts of NIS2 is the extension of an “all-hazards” security posture beyond an organization’s own perimeter. Industrial leaders are now responsible for assessing and ensuring the cyber hygiene of every third-party vendor, system integrator, and OEM that interacts with their operations. As digitalization deepens, interdependence across the value chain has made supply chain cybersecurity risks more pronounced.

Sixty percent of data breaches originate from third-party vendors, underscoring the importance of collaboration and governance. To maintain a consistent security posture, industrial organizations must hold their partners to the same standards they apply to themselves.

A single oversight, such as a technician using an unsecured USB to update a programmable logic controller (PLC), can spread malware across a plant network. NIS2 requires procurement and vendor management processes to evolve, embedding security standards into contracts and RFQs. The goal is to turn supply chains from potential vulnerabilities into assets that strengthen resilience.

For example, one European pharmaceutical manufacturer used a structured risk assessment framework to evaluate and securely onboard new automation vendors. By analyzing vendor architectures and identifying compliance gaps early, the company strengthened its supply chain resilience and aligned with NIS2 requirements.

Meeting NIS2’s 24/72-hour incident reporting window is practically impossible using only manual audits. Legacy OT systems were built for availability, not for logging or alerting. Compliance requires a move toward automation and continuous visibility.
 
This means deploying monitoring tools that provide real-time oversight of OT networks, feeding into centralized security operations centers. Likewise, it requires incident response playbooks and workflows so issues can be detected, contained, and reported with speed and accuracy. Automation strengthens resilience, but only when paired with holistic governance and process.
 
Case in point: one European food and beverage manufacturer used centralized monitoring and structured incident response protocols to align its OT security with NIS2 requirements. The result? A more than 40% improvement in threat detection and response times. This not only strengthened compliance but also reduced the risk of production disruptions.

Technology is only part of the solution. Even the best monitoring tool cannot prevent mistakes if awareness is low. NIS2 highlights the importance of culture: cyber awareness must become as routine as safety training.

That requires continuous education from the boardroom to the shop floor. It’s important that everyone:

  • Understands the ‘why’ behind security policies
  • Builds confidence in processes
  • Feels empowered to act as a human firewall

Over time, this shift can transform employees from potential vulnerabilities into defense layers.

Industrial leaders need partners who can:

  • Understand the unique demands of OT
  • Bridge the gap between IT and OT cultures
  • Provide practical guidance on risk assessments, governance frameworks, and modernization strategies

With decades of experience in OT, Schneider Electric™ can bridge shop-floor realities with boardroom expectations. Our approach to cybersecurity is a continuous process of assessment, governance, and improvement.

NIS2 marks a new era for industrial cybersecurity in Europe and beyond. It shifts responsibility to the highest levels of leadership, extends accountability through supply chains, and emphasizes governance, culture, and automation as pillars of resilience. While implementation is uneven across EU Member States, organizations that adopt best practices now will be better prepared to adapt as enforcement tightens.
 
Ultimately, organizations should view NIS2 compliance as the natural outcome of a strong cybersecurity posture. When organizations embed best practices in governance, monitoring, and collaboration across operations, alignment with NIS2 (and similar global regulations) follows naturally. The goal is to close gaps between current posture and regulatory expectations, improving security maturity as a routine discipline rather than a reactive obligation.
 
Want to learn more? Visit our Cybersecurity Services to see how we can help.

To learn more about our end-to-end solutions supported by intelligent software and global expertise, explore our new SE Advisory Services.

About the author


Omar Garcia, Global Director – Cybersecurity Services

Omar is a seasoned cybersecurity leader with over two decades of experience, including 16 years specializing in ICS/OT security. With a strong foundation in software development, his career began in authentication and access control systems before transitioning into industrial cybersecurity at Schneider Electric.
 
Recognized as a Subject Matter Expert in ICS Cybersecurity, Omar has held strategic roles such as Cybersecurity Lead Engineer, Project Manager, and Operations Manager across EURA & LATAM. Currently serving as Global Director of Cybersecurity IA Services, he brings a multidisciplinary approach to solving complex technical challenges, fostering collaboration, and driving innovation in critical infrastructure protection.
